Wednesday, January 7, 2009

If you let them, humans will mess it up

If you're not thoroughly convinced that humans are in fact the weakest link in any system, then take a look at the entry point of the Twitter attack.

The [compromised] user turned out to be a member of Twitter's support staff, who'd chosen the weak password "happiness". full article

Really? The password of someone with admin privileges was the word "happiness"? I can only shake my head in amazement. So there you go: if you think for a second that your internal users are "trusted" or "responsible" in terms of security, then just wait; your turn for the front page will come around.